Researchers from the UOC and IP Paris have designed an innovative system to guarantee the integrity, origin and security of data from Internet of Things (IoT) networks.
Open University of Catalonia
The progress of new technologies has allowed a large part of the devices, appliances and appliances in homes, offices, industries and on public roads to be connected to the network through the Internet of Things (IoT) to improve and speed up processes, jobs and even the quality of life of citizens. However, this massive connection of everyday objects can lead to numerous risks, especially in the processing of personal or sensitive data, or the information handled by these objects.
Now, a team of experts, led by researchers from the Universitat Oberta de Catalunya (UOC) and the Institut Polytechnique de Paris (IP Paris), has designed a system to guarantee the integrity, origin and security of data coming from IoT networks, especially in those areas where connected devices have limited computing and storage resources.
"We have developed a zero-watermark digital marking capable of incorporating information from the source without modifying the original data, which ensures tamper-proof transmission over the network," says Omair Faraj, lead author of this work and PhD with the UOC, in the Information and Network Technologies programme at the UOC and the Télécom SudParis at IP Paris. with the research group K-iptography and Information Security for Open Networks (KISON), together with Professor David Megías, Lead Researcher at KISON and Director of the Internet Interdisciplinary Institute (IN3), and Joaquín García Alfaro, Professor and Researcher at Télécom SudParis, both co-authors of this work.
Specifically, this innovative method, specifically designed to guarantee data integrity and secure provenance in environments where the Internet of Things is used, is called ZIRCON (Zero-watermarkIng-based data pRovenanCe for IoT Networks). "ZIRCON uses a zero-watermark technique without modification of the data itself, where a unique mark is generated from the metadata of the data – similar to the IP address of a device – but without embedding this mark directly in the original data," says Faraj. In this way, thanks to the use of this framework, the brand is stored separately in a network database that is resistant to tampering and unwanted external interference.
IoT Challenges and Risks
Systems based on the Internet of Things have very specific particularities, so they face unique challenges compared to other digital environments. For example, devices often have limited processing power, short battery life, and a slower band speed.
Likewise, the advancement and implementation of IoT also entails numerous risks. On the one hand, data management, due to its dynamic and highly interconnected nature, increases data vulnerability, especially at the connection points between different devices. Second, the lack of computational capabilities makes it difficult to use complex security and encryption techniques. This increases the risks and threat that data could be captured, modified, or falsified.
Due to the possible consequences of these risks, which can affect key sectors of society, such as electricity networks, traffic or infrastructure, 30 November is International Information Security Day, an event aimed at promoting secure, reliable and verified computer systems.
In this regard, the ZIRCON system is able to solve this type of conflict thanks to its innovative design, which requires only light computational capacities and low energy demands. It is a system applicable to a large part of digital environments to turn them into secure, integral and verified networks at each stage of device interconnection. "It's an ideal solution for IoT devices with limited resources," Faraj emphasizes.
In addition, according to experts, this system is highly resistant to both passive and active attacks, including packet replay, data manipulation, and provenance forgery. "Our results indicate that ZIRCON is superior to traditional methods, especially due to its light processing, efficient use of bandwidth and reduced energy consumption," says the UOC researcher.
Secure transmission
Another of ZIRCON's fundamental points is the ability to verify the integrity of data at every hop within an IoT network. This ensures secure end-to-end transmission, providing a solution for the integrity of the data handled by the applications of the devices connected to the network. "ZIRCON is a system that is robust against attacks, lightweight and efficient in data storage, energy use and bandwidth consumption, compared to previous techniques," the experts emphasize.
In addition, the design of this innovative system opens up a field of new opportunities to improve network security. "Upcoming work will be able to explore the integration of ZIRCON with other cryptographic methods or its application in emerging environments," concludes Faraj.
This work has been possible thanks to various sources of funding, such as funds from the Ministry of Science, Innovation and Universities, the ARTEMISA International Chair in Cybersecurity and the DANGER Strategic Cybersecurity Project, belonging to the National Cybersecurity Institute of Spain, and through funds from the European Union NextGenerationEU and the Recovery Plan. Transformation and Resilience, with the support of the Cyber CNI Chair of the Institut Mines-Télécom in France.
This UOC research supports the UN's Sustainable Development Goal (SDG) 9: industry, innovation and infrastructure.
